dap 0.1.9 → 0.1.10

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dap/filter/udp.rb +25 -4
  3. data/lib/dap/version.rb +1 -1
  4. data/spec/dap/filter/udp_filter_spec.rb +39 -0
  5. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 509c4659bddb3d19bd03810c38d9b7210a40f137
4
- data.tar.gz: 856444fb5a3a6352bdedd975fe47898c98eae2d0
3
+ metadata.gz: 6991fe2ebe6781802697f56a62a1a83dd5bbb83b
4
+ data.tar.gz: 8e6aef8bd4a882c6bbd0b0563926e00127079b91
5
5
  SHA512:
6
- metadata.gz: e6b147d71d185f1fc4f55582cdcde9d026d3421f2dd0fda0b3e48106d380c1049efd8fc3fb9ea2d5c189c59ed66f8db2929a944fe883e5f347a79ddf5440998e
7
- data.tar.gz: 2ca8a31ca56632bc319a1201787729ba7b3845ed55cc2e1126fc519a8effef604460e85af3a32741453d68659e27126bb7c09063648741761ef64795b0aeefac
6
+ metadata.gz: c9a979ee64979cae1d6dafa3ec261064ed67f69150fe2fe5ba3f045f01404b07bbb55da9bdc48d8f6b741cd899a25ee89536d58816ef1f1cbfee6da2c21dd65c
7
+ data.tar.gz: 4ba074456d6c4e4ac1503e8f9126cede1f2fbefa199f7a39e3071d101c6d86c3f4af42b65b6d438d7d31fdc8970825e62c915cb9a75f264314d930db8f8c14f9
data/lib/dap/filter/udp.rb CHANGED
@@ -38,19 +38,40 @@ end
38
38
  #
39
39
  # Decode a DNS bind.version probe response ( zmap: dns_53.pkt )
40
40
  #
41
+ # Note: The TCP DNS response contains two additional bytes at the beginning
42
+ # of the data which indicate length. Net::DNS::Packet doesn't handle this
43
+ # so we've implemented a fall back that will retry parsing with the first two
44
+ # bytes removed if the initial parsing attempt raises an exception.
45
+ #
41
46
  class FilterDecodeDNSVersionReply
42
47
  include BaseDecoder
43
48
  def decode(data)
44
49
  begin
45
50
  r = Net::DNS::Packet.parse(data)
46
- return if not r
51
+ rescue
52
+ r = nil
53
+ end
47
54
 
55
+ unless r
56
+ begin
57
+ # Perhaps a TCP DNS response, trim the first two bytes (length value)
58
+ # and try again..
59
+ trimmed_data = data[2..-1]
60
+ r = Net::DNS::Packet.parse(trimmed_data)
61
+ rescue
62
+ return {}
63
+ end
64
+ end
65
+
66
+ return {} unless r
67
+
68
+ begin
48
69
  # XXX: This can throw an exception on bad data
49
70
  vers = r.answer.map{|x| x.txt.strip rescue nil }.reject{|x| x.nil? }.first
50
- return if not vers
51
- return { "dns_version" => vers }
71
+ return {} unless vers
72
+ return { 'dns_version' => vers }
52
73
  rescue ::Exception
53
- { }
74
+ {}
54
75
  end
55
76
  end
56
77
  end
data/lib/dap/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Dap
2
- VERSION = "0.1.9"
2
+ VERSION = "0.1.10"
3
3
  end
data/spec/dap/filter/udp_filter_spec.rb ADDED
@@ -0,0 +1,39 @@
1
+ describe Dap::Filter::FilterDecodeDNSVersionReply do
2
+ describe '.decode' do
3
+
4
+ let(:filter) { described_class.new([]) }
5
+
6
+ context 'parsing empty string' do
7
+ let(:decode) { filter.decode('') }
8
+ it 'returns an empty hash' do
9
+ expect(decode).to eq( {} )
10
+ end
11
+ end
12
+
13
+ base64_string = "AF8074UAAAEAAQABAAAHVkVSU0lPTgRCSU5EAAAQAAPADAAQAAMAAAAAACcmOS44LjJyYzEtUmVkSGF0LTkuOC4yLTAuMzcucmMxLmVsNl83LjXADAACAAMAAAAAAALADA=="
14
+ test_string = base64_string.to_s.unpack('m*').first
15
+
16
+ context 'parsing a partial response' do
17
+ let(:decode) { filter.decode(test_string[2..10]) }
18
+ it 'returns an empty hash' do
19
+ expect(decode).to eq( {} )
20
+ end
21
+ end
22
+
23
+ context 'parsing TCP DNS response' do
24
+ let(:decode) { filter.decode(test_string) }
25
+ it 'returns the correct version' do
26
+ expect(decode).to eq({ 'dns_version' => '9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.5' })
27
+ end
28
+ end
29
+
30
+ # strip the first two bytes from the TCP response to mimic a UDP response
31
+ context 'parsing UDP DNS response' do
32
+ let(:decode) { filter.decode(test_string[2..-1]) }
33
+ it 'returns the correct version' do
34
+ expect(decode).to eq({ 'dns_version' => '9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.5' })
35
+ end
36
+ end
37
+
38
+ end
39
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dap
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.9
4
+ version: 0.1.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rapid7 Research
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-08-01 00:00:00.000000000 Z
11
+ date: 2017-08-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec
@@ -223,6 +223,7 @@ files:
223
223
  - spec/dap/filter/http_filter_spec.rb
224
224
  - spec/dap/filter/ldap_filter_spec.rb
225
225
  - spec/dap/filter/simple_filter_spec.rb
226
+ - spec/dap/filter/udp_filter_spec.rb
226
227
  - spec/dap/input/json_spec.rb
227
228
  - spec/dap/proto/ipmi_spec.rb
228
229
  - spec/dap/proto/ldap_proto_spec.rb
@@ -260,6 +261,7 @@ test_files:
260
261
  - spec/dap/filter/http_filter_spec.rb
261
262
  - spec/dap/filter/ldap_filter_spec.rb
262
263
  - spec/dap/filter/simple_filter_spec.rb
264
+ - spec/dap/filter/udp_filter_spec.rb
263
265
  - spec/dap/input/json_spec.rb
264
266
  - spec/dap/proto/ipmi_spec.rb
265
267
  - spec/dap/proto/ldap_proto_spec.rb